Partial #186 Regression

[andercs]

The fix created as of #186 appears to have since shifted to CookieSessionProvider.CreateSession in session_cookie.go.

The downside to this is that unless CreateSession is called, then net.SplitHostPort is never called. which can be somewhat problematic for testing purposes wherein an extraneous utility creates a fake token and we'd like to use CookieSessionProvider.DeleteSession to create the set-cookie header to delete it in our integration tests.

The suggested fix is to update the DefaultSessionProvider in new.go to set the Domain to opts.URL.Hostname, instead of opts.URL.Host. This silently strips the port, if any exists, from the given URL.

With that in mind, we might still want to leave the separate fix in CreateSession in case someone creates a CookieSessionProvider manually rather than by using New and getting a Middleware with a pre-populated CookieSessionProvider.

[andercs]

Actually put the cart before the horse and didn't look at the main branch. Looks like the issue is effectively resolved via #335. Apologies for making the issue.

Hope a new release gets cut soon, so that we can roll it out on our project! 😃